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The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 IVIONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 1 33). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )^ Responsive to communication(s) filed on 01 April 2004 , 
2a)^ This action is FINAL. 2b)D This action is non-final. 

3) 0 Since this application is in condition for allowance except for fornnal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) S Claim(s) 41-70 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) 13 Claim(s) 41-70 is/are rejected. 
?)□ Claim(s) is/are objected to. 

8) 0 Claim(s) ' are subject to restriction and/or election requirement. 

Application Papers 

9) 0 The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 22 December 1999 is/are: a)K accepted or b)n objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)n All b)n Some * c)^ None of: 

1 .□ Certified copies of the priority documents have been received. 

2.n Certified copies of the priority documents have been received in Application No. . 



3.0 Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 



1 . Claims 41-70 are pending. 

2. Amendment submitted 1 April 2004 has been received and considered. 

Response to Arguments 

3. Applicant's arguments with respect to claims 41-70 have been considered but are 
moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claim 41-43, 45, 47-52, 54, 56-58, 61-62, 64-70 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Proctor et al US Patent No. 6,530,024 in view of 
Hamilton EPO Patent 0,793,170 and Conklin US Patent No. 5,991 ,881 . Proctor 
discloses an adaptive feedback security system. Hamilton discloses a system for 
automatic configuration of home network computers. Conklin discloses a network 



surveillance system. 
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6. With regards to claims 41 , 47, 51 , and 69-70, Proctor teaches that each 
communication device is operative to block a communication from passing to the 
corresponding computer network via the distributed network by terminating the 
communication based on the determination that a communication represents a security 
risk to at least one of the computers coupled to the network (Proctor, column 7 lines 5- 
10), the monitoring of the communication device by the remote monitoring center for 
issuance of an alert signal issued by the communication device in response to a 
determination that the communication represents a security risk to at least one of the 
computers coupled to the computer network (Proctor, column 12 lines 12-21), receiving 
the alert signal at the remote monitoring center (Proctor, column 12 lines 12-14), and 
assigning the alert signal an order and taking responsive action at the remote 
monitoring center based on the assigned order (Proctor, column 10 lines 28-32). 
Proctor fails to teach the sending, storing, and comparing of identification numbers and 
the subsequent configuration messages and the in-line configuration. Hamilton 
discloses the receiving at the remote monitoring center a first transmission comprising a 
first identification number and a network address associated with one of the plurality of 
communication devices monitored by the remote monitoring center (Hamilton, column 3 
lines 1-3 and 12-14), storing the identification number and network address for the 
communication device in a database at the remote monitoring center (Hamilton, column 
3 lines 12-14), receiving at the remote monitoring center a second identification number 
during a second transmission from the communication device (Hamilton, column 3 lines 
4-8), comparing the second identification number with the first identification number at 
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the remote monitoring center and in response to a match between the first and second 
identification numbers identifying a plurality of security policy options that are selectable 
by the communication device (Hamilton, column 7 lines 35-44, column 8 lines 8-14, 
Proctor column 6 lines 1-7), generating a configuration file with the remote monitoring 
center in response to a selection of at least one of the security policy options by the 
communication device where the configuration file governs the intrusion detection 
operation for the communication device (Hamilton, column 7 lines 35-44, column 8 lines 
8-14, Proctor column 6 lines 1-7), and transmitting the configuration file from the remote 
monitoring center to configure the communication device (Hamilton, column 7 lines 35- 
44, column 8 lines 8-14). Conklin teaches the communication device positioned in-line 
with a computer network controlled by one of the customers and a distributed computer 
network that is not controlled by the customers (Conklin, Figure 6). At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to 
utilize Hamilton's configuration method and Conklin's method of setting up the 
communication device in-line with Proctor's adaptive security system because it offers 
the advantage of providing a configuration process with reduced complexity but flexible 
enough to provide customized configurations to meet the particular requirements of 
each end user (Hamilton, column 1 lines 13-37) and providing the ability to detect 
intrusions by unauthorized individuals and subsequently track, record, and report on 
their activities (Conklin, column 1 lines 20-26). 

7. With regards to claim 42, Proctor as modified teaches the step of storing the alert 
signal into another database connected to the remote monitoring center wherein the 
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servicing of the protection requirements of a plurality of customers comprises monitoring 
each of the plurality of communication devices for generation of the alert signal (Proctor, 
column 6 lines 41-43, column 10 lines 28-32, Figure 8, column 6 line 53 - column 7 line 
15). 

8. With regards to claims 43, 52 and 58, Proctor as modified teaches the receiving 
at the remote monitoring center status information from one of the communication 
devices (Proctor, column 6 lines 41-43), recording the status information in the 
database (Proctor, column 6 lines 41-43, 49-52), and determining whether the 
communication device meets a plurality of operational requirements based upon the 
status information (Proctor, column 6 line 66 - column 7 line 14). 

9. With regards to claims 45, 54 and 57, Proctor as modified teaches the receiving 
at the remote monitoring center status information from one of the communication 
devices (Proctor, column 6, line 66 - column 7, line 14), determining whether the 
communication device requires a software patch based upon the status information 
(Proctor, column 6, line 66 - column 7, line 14), and transmitting the software patch to 
the communication device in response to determining the communication device 
requires the software patch (Hamilton, column 3, lines 32-36). 

10. With regards to claim 48, Proctor as modified teaches the assigning of a priority 
to the alert signal upon receipt of the alert signal at the remote monitoring center and 
the foHA/arding of the alert signal to the remote agent according to the assigned priority 
((Proctor, column 10, lines 28-32, column 14, lines 46-57). 
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1 1 . With regards to claim 49, Proctor as modified teaches the receiving of an alert 
signal with the remote agent (Proctor, column 10 lines 37-39), determining appropriate 
resolution to address the alert signal (Proctor, column 1 1 lines 49-53, column 6 line 66 - 
column 7 line 14), and sending a message comprising the resolution to a particular one 
of the customers associated with the communication device that issued the alert signal 
(Proctor, column 12 lines 12-21, column 10 lines 37-39). 

12. With regards to claim 50, Proctor as modified teaches that prior to displaying 
security policy options a wake-up signal is received from one of the communication 
devices at the remote monitoring center (Hamilton, column 2 lines 56-58, column 3 lines 
1-3) and in response to the wake-up a configuration file is transmitted from the remote 
monitoring center to the communication device (Hamilton, column 3 lines 1-3). 

13. With regards to claims 56, 65 and 67, Proctor as modified teaches all that is 
described above, and further teaches the determining of a network address for a 
communication device positioned in-line between a distributed computer network and a 
computer network (Conklin, Figure 6), the communication device operable to provide 
protection from an attack communication carried by the distributed computer network 
and intended for transmission to a computer coupled to the computer network (Proctor, 
column 12 lines 12-21 ), transmitting from the communication device a wake-up signal 
comprising the network address via an encrypted communication channel to a remote 
computer (Hamilton, column 2 lines 56-58, column 3 lines 1-3, Conklin column 6, lines 
15-19), receiving from the remote computer configuration information for the 
communication device with the configuration information including a security policy that 
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instructs the communication device to block the attack communication in response to a 
determination by the communication device that the attack poses a security risk 
(Hamilton, column 7 lines 35-44, column 8 lines 8-14, Proctor column 6 lines 1-7, 
column 12 lines 32-41). 

14. With regards to claims 61 and 68, Proctor as modified teaches all that described 
above, and further teaches a remote monitoring center operated on behalf of the entities 
by a service provider (Proctor, column 5 lines 51-53) and the remote monitoring center 
coupled to the distributed computer network remotely located from the each of the 
computer networks (Proctor, Figure 1). 

1 5. With regards to claims 62 and 66, Proctor as modified teaches all that described 
above, and further teaches remote agent personnel for evaluating the alert signal 
(Conklin, column 7 lines 5-7, Proctor column 7 lines 36-41, column 12 lines 12-31). 

16. With regards to claim 64, Proctor as modified teaches the agent personnel 
recommending responsive action to take in reply to an alert signal where the 
recommendation is issued by way of a web server, email, telephone, or pager (Proctor, 
column 14 lines 56-60). 

17. Claims 44, 53 and 59 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Proctor et al US Patent No. 6,530.024, Hamilton EPO Patent 0,793,170, and 
Conklin US Patent No. 5,991 ,881 as applied to claim 41 above, and further in view of 
Frailong et al US Patent No. 6,012,100. 
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1 8. With regards to claims 44, 53 and 59, Proctor as modified fails to teach 
diagnostic variables being used to ensure proper operation of the communication 
device. Frailong discloses the sending of diagnostic variables and the determination if a 
system is functioning properly based on those variables (column 11, lines 1-7). At the 
time the invention was made, it would have been obvious to a person of ordinary skill in 
the art to utilize Frailong's diagnostic system with Proctor as modified because action 
can then be taken to remedy the problem without user intervention (column 1 1 , lines 4- 
7). 



19. Claims 46, 55 and 60 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Proctor et al US Patent No. 6,530,024, Hamilton EPO Patent 0,793,170, and 
Conklin US Patent No. 5,991,881 as applied to claim 41 above, and further in view of 
Fiske US Patent No. 6,324,692 and Gleichauf US Patent No. 6,301 ,668. 

20. With regards to claims 46, 55 and 60, Proctor as modified fails to teach the use 
of a configuration complete signal and subsequent vulnerability analysis. Fiske teaches 
a complete signal that indicates that an upgrade has occurred successfully (Fiske, 
column 5, lines 15-27). At the time the invention was made, it would have been 
obvious to a person of ordinary skill in the art to utilize a complete signal with Proctor as 
modified because once the signal is received control or operation may be returned to 
the communications device (Fiske, column 5, lines 27-29). Gleichauf teaches a system 
to perform a vulnerability analysis on a communications device (Gleichauf, column 7, 
lines 41-59) and the evaluation of the results of the vulnerability analysis (Gleichauf, 
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column 7, lines 21-25). At the time the invention was made, it would have been obvious 
to a person of ordinary skill in the art to utilize Gleichauf s vulnerability analysis system 
with Proctor as modified because it allows the identification and confirmation of network 
vulnerabilities before an attack (Gleichauf, column 5 line 62 - column 6 line 4), 

21. Claim 63 is rejected under 35 U.S.C. 103(a) as being unpatentable over Proctor 
et al US Patent No. 6,530,024, Hamilton EPO Patent 0,793.170, and Conklin US Patent 
No. 5,991 ,881 as applied to claim 62 above, and further in view of Weber et al US 
Patent No. 6,289,201. 

22. With regards to claim 63, Proctor as modified fails to teach the agent personnel 
under control of the service provider while the communication devices are under control 
of the entities subscribing to the network. Weber teaches the agent personnel under 
control of the service provider while the communication devices are under control of the 
entities subscribing to the network (Weber, column 5 lines 14-22, Figure 3, column 6 
lines 22-29). At the time the invention was made, it would have been obvious to a 
person of ordinary skill in the art to utilize Weber's control layout with Proctor as 
modified because it offers the advantage of allowing independent network operators to 
incorporate existing or new services into their equipment for operation (Weber, column 

1 lines 52-63). 



Conclusion 
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23. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 

§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

24. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L Nalven whose telephone number is 703 305 
8407. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse can be reached on 703 308 4789. The fax phone number 
for the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

Andrew NalVen 
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